Maxxum is on the Fast Track

IT asset disposition and data destruction company, Maxxum, Inc. continues to grow.
Rich Woodward, CEO and owner of Maxxum is back at the helm after a couple of
attempts at assigning leadership to outsiders. “I realized that our culture and strong
team approach does not need a new leadership figure. I eliminated the president role,
set the tone and direction for our team and then got out of the way. The response has
been nothing but astounding.”

Maxxum has a strong leadership team consisting of Controller Mike D’Jock, Director of
Operations Larry Hovseth, and Woodward. This team works closely with the sales team
and client services group. Twenty-five-plus-year client services veteran, Stacey
Sheffield, leads the client services group. The sales team has combined industry
experience of over 65 years. Bruce Janovec handles most of the equipment purchases,
Steve Joyce and Brian Sturdevant handle equipment remarketing, and Brandon Rooney
is responsible for ecommerce sales. This team leadership and team selling approach
resulted in an increase of 92% in the 4th quarter of 2017 and 102% already in the fast
start to 2018.

Woodward’s Mantra has been Consistent

How we will be successful in our new environment:

Communicate & close communication loop(s)

Collaborate

Improve our processes & models

Decision making that is immediate and at the front line

Empower TEAM—because I trust and care about them

“It has been rewarding to see the results, as well as the team having some fun. Growth
has its challenges, but the team is working together to move us forward.”

If you would like more information on Maxxum, our services, equipment purchases or
remarketing, please contact Brian Sturdevant at 651-674-2715 or visit Maxxum’s Website.

Risk mitigation is the biggest driver of IT asset disposition. For most companies there is a myriad of concerns including compliance issues, control of assets, process considerations and financial considerations, to name a few. The biggest concern of all is a data breach that can be very expensive no matter how you define it. According to the Ponemon Institute, the average cost of a data breach in the US is $217 per record, and $6.53 million per incident. The largest cost of a breach is loss of business. Other losses may include damaged brands, loss of trade secrets, personnel records, financial information, etc.

Risk management, compliance and security are all vital aspects of IT asset disposition as well. There are many regulations to consider including HIPAA, HITECH, PCI, etc. There are environmental regulations that come into play with electronics. Electronics contain heavy metals such as cadmium, lead and mercury that are highly toxic. Corporate compliance or sustainability groups, in particular, will want to ensure that the equipment is handled properly and not go to a landfill. The last thing your company needs is bad press when it is discovered that your equipment is involved in an EPA cleanup operation.

Risk assessment will likely play a role in any IT asset disposition, and the smart play for almost any company is to err on the side of well-informed caution. Anyone who pays attention to the business section of their newspaper or favorite website is aware of the rising number of instances where companies are being hit with fines for sloppy disposition. And those are the businesses that get off easy when compared to those who suffer the multiple ramifications of data breaches: loss of information, reputation, and business. There are too many examples of companies suffering huge damages, who never even knew they were doing anything wrong or they took the least expensive path versus designing asset management practices, disposition processes and training that were appropriate to the needs and financial considerations of their company.

Cyber security initiatives and budgets often obscure the importance of IT asset destruction best practices. It’s also hard for any company to keep up with all the latest regulations “do’s and don’ts”. Your ITAD partner should help you sort through your risk assessment questions:

How are assets moved and managed?

Is device encryption before shipping to an ITAD vendor sufficient, or does data erasure need to be done before devices are shipped?

Is onsite destruction of hard drives a necessity?

When is the chain of custody?

How is IT equipment to be stored prior to going to the ITAD vendor?

What are the logistics in moving the equipment?

When disposing of old IT assets, risk should be weighed against practicality, compliance considerations, organizational competency, and financial considerations amongst other things. Allowing your ITAD partner to remarket equipment can lower costs and maybe even pay off your disposition costs. You usually get what you pay for and IT asset destruction should not be the place where you cut corners. Working with a vendor like Maxxum will assure that your entire IT asset disposition is done in the most strategic manner possible.

With the 2016-17 school year winding down, many schools are now considering IT equipment refreshes for next year and beyond. As part of their planning effort, schools will be assessing the remarketing or residual value of their current equipment to determine the viability of leasing or purchasing new equipment.

As trusted advisors to schools, colleges, universities and corporations, Maxxum helps these institutions assess the value and best disposition path for their IT assets. Maxxum’s remarketing programs are an effective way to mitigate data security risk, liquidate equipment, and actually gain a return before equipment becomes a liability due to obsolescence, disposal or recycling costs. We purchase all leading brands and types of IT equipment including tablets, laptops, desktops, networking gear, etc.

Maxxum has an easy process and makes it as simple as possible for school districts and institutions. Maxxum provides a full range of services to support any individual requirements. Our MaxxumSafe web portal makes asset tracking and record keeping transparent and simple. Maxxum also sells schools new and used equipment.

Throughout Maxxum’s history, and through our recent acquisition of Trace TM, we have worked with many clients in the education sector, providing data sanitization and remarketing services. Maxxum’s clientele has spanned the Twin Cities metro area, including public school systems in Edina, Fridley, Monticello and Owatonna, and Bethel College, Augsburg College, College of St. Scholastica and Capella University.

One of the advantages of working with Maxxum is that we are local. With two facilities in the Twin Cities, we’re able to get to know and meet with our school partners and prospects to understand their needs and requirements. Questions we ask our education partners include:

How do they value their equipment?

Why are they turning over their current equipment?

What are the financial considerations?

What is the greater purpose of remarketing the equipment?

What are their expectations for disposition?

What does the timing look like for their equipment refreshes?

Have they explored secure and compliant data destruction?

The more information Maxxum has the more resourceful and better advisor we can be. Maxxum wishes all education institutions a great last few weeks of the current school year and congratulates you on another successful year. Maxxum encourages you to reach out to us if you have any questions at all about your IT equipment.

Minneapolis and St. Paul, MN (April, 2017)—Maxxum Inc., an IT asset management and data destruction firm based in the Twin Cities, is celebrating 20 years in business. In conjunction with this milestone, Maxxum also announced its MAXXUMIZE Strategic Growth Initiative last week, incorporating a new organizational structure.

Celebrating 20 Years of Business

Founded originally as an IT equipment remarketing firm, clients began asking Maxxum for additional services including data destruction and disposition of end-of-life IT assets. A new business was born that grew rapidly. It is now Maxxum’s only business.

Over the last 20 years, Maxxum has been protecting the confidential information of healthcare providers, financial service firms, educational institutions, government agencies, non-profits and private sector businesses. The company has grown to be one of the largest independently owned and operated risk mitigation and IT asset destruction companies. Maxxum maintains a blue-chip client base that it serves in the Twin Cities metro area, around the state, regionally, nationally and internationally.

“Risk mitigation on behalf of our clients is the cornerstone of our business. It guides all that we do as a company,” said Rich Woodward, Maxxum CEO. “We believe that our extensive experience combined with our National Association for Information Destruction (NAID) AAA Certified® qualifications and local accessibility offers organizations a superior solution for secure, reliable, compliant and price-competitive risk mitigation services.”

Maxxumize Strategic Growth Initiative

The MAXXUMIZE Strategic Growth Initiative is designed to support profitable growth, greater operational efficiency, and improved collaboration across the enterprise. “We will focus our actions to support our organic growth and the integration of our recent acquisition of Trace Technology Management, said Woodward.

“While this is a milestone event, Maxxum is still driven by an entrepreneurial spirit which has enabled us to constantly challenge ourselves and the way we do business,” Woodward added. Our MAXXUMIZE Strategic Growth Initiative brings focus to these efforts and prepares us well for growth and the next evolution of the company.”

About Maxxum: Maxxum is a well-regarded, long-established presence in the IT asset management and remarketing space both in Minnesota and nationally. As a risk mitigation partner for leading companies around the country, particularly those in highly regulated industries, Maxxum is known for its extensive technical expertise, regulatory knowledge, multi-industry specialization and enduring client relations.

NAID CEO Bob Johnson was catching his breath and a little blown away at the great turnout for the association’s annual conference, which took place in Las Vegas from March 22-24.

“I’m still trying to get my head around the fact that after 23 years NAID conference attendance records are still being set,” Johnson said, referencing the nearly 900 industry professionals who turned out for the 2017 version of the event.

“If I had to guess, I would say it’s the combination of a more stable marketplace, increasing recognition of NAID Certification by customers, especially in the area of electronic data destruction, and growing interest in the medical waste management industry,” said Johnson.

Maxxum works closely with many healthcare organizations to help them ensure they’re compliant when their equipment, and the data stored on the equipment, has reached its end of life.

Organizations are often surprised to learn which devices in their enterprise store HIPAA protected information. In addition to computers, healthcare organizations need to consider the number of medical devices that store electronic protected health information (ePHI). Often times the number and type of ePHI capable devices may not even be known to the organization. For example, who would expect that a pocket-sized, battery-operated device for measuring lung volume (a spirometer) could store thousands of unique patient records that include patient name, birthdate, sex, test dates, test results, and more? Maxxum’s forensic discovery process uncovered that for a client.

Maxxum offers ePHI assessment and sanitization services that begin with a thorough audit of data bearing equipment. We then help you develop risk mitigation strategies and practices to eliminate your risk of HIPAA violations due to PHI breaches rooted in equipment handling and management.

Maxxum is proud to be AAA Certified by the National Association for Information Destruction (NAID), the third party watchdog of our industry.

The NAID Certification Program establishes standards for secure data and equipment destruction processes. These include:

Operational security

Employee hiring and screening

The destruction process

Responsible disposal

Insurance

Why is NAID certification important?

Working with a NAID AAA Certified company offers peace of mind. It means you’re working with a qualified and reputable data destruction partner who satisfies all of their information destruction regulatory requirements.

Minneapolis and St. Paul, MN (April, 2017)—Maxxum Inc., an IT asset management and data destruction firm based in the Twin Cities, today announced its MAXXUMIZE Strategic Growth Initiative incorporating a new organizational structure along with the promotion of a current employee to a newly created Director of Operations position.

Maxxumize Strategic Growth Initiative

The MAXXUMIZE Strategic Growth Initiative is designed to support profitable growth, greater operational efficiency, and improved collaboration across the enterprise. “We will focus our actions to support our organic growth and the integration of our recent acquisition of Trace Technology Management,” said Rich Woodward, Maxxum CEO. “We are increasing the customer focus of our organization by streamlining it for greater agility and speed.”

The company is also moving its rapidly growing IT equipment remarketing business to its St. Louis Park facility. “Space constraints along with the opportunity to operate this as a standalone business and in a more entrepreneurial manner were our motivations,” said Tom Pritzker, Maxxum President. “We expect to better manage and more quickly turn inventory because we will operate without some of the constraints imposed by the processes and security requirements of our data destruction business that dominates our Rush City Facility. This separation of operations offers us the best of both worlds,” said Pritzker.

Larry Hovseth Promoted to Director of Operations

As part of this strategic initiative, Maxxum promoted Larry Hovseth to Director of Operations. For the past three years, Hovseth held the role of Manager of Technology Services where he was responsible for data destruction processes, on-site services, compliance and Maxxum’s IT function, among other initiatives.

In his new role, Hovseth will oversee the entire operations team and be responsible for all processing operations in both Rush City and St. Louis Park. “The MAXXUMIZE Strategic Growth Initiative is designed to support our profitable growth, greater operational efficiency, and improved collaboration,” said Pritzker. “Larry is the point person to make sure this happens in our operations in a timely manner. He is one of our best thinkers and knows our business well.”

Prior to joining Maxxum, Hovseth was with Imation in a variety of roles.

About Maxxum: Maxxum is well-regarded, long-established presence in the IT asset management and remarketing space both in Minnesota and nationally. As a risk mitigation partner for leading companies around the country, particularly those in highly regulated industries, Maxxum is known for its extensive technical expertise, regulatory knowledge, multi-industry specialization and enduring client relations.

How Maxxum Helps You Mitigate Risk When Disposing Medical Equipment

“The dirty little secret is that most (medical) manufacturers did not anticipate the cybersecurity risks when they were designing them a decade ago, so this is just scratching the surface really.”

That statement is a sobering reality for the medical profession. It’s from a CNBC interview with Kevin Fu, who directs the University of Michigan’s Archimedes Center for Medical Device Security. “There is no [impervious] device; pretty much every device that has a computer in it is breakable,” Fu told CNBC’s “On the Money.”

In this day and age almost all medical devices contain some type of information that is susceptible to thieves, not only when they’re active, but even after the devices are taken off-network. The truth is, data lingers even when equipment is done being used and a hospital or doctor’s office thinks they’ve removed all of the information.

So how can Maxxum help mitigate risk in the medical device industry? Here’s a great example of a recent success story: Maxxum was provided with a pocket-sized, battery-operated device for measuring lung volume (a spirometer). It was thought to be “clean” but Maxxum’s forensic process uncovered 2,200 unique patient records that included patient name, birthdate, sex, test dates, test results and more.

The success of your business is contingent on the integrity of your intellectual property. Maxxum has extensive experience removing all traces of information from technology assets before they go downstream. We protect your sensitive information and ensure compliance with all regulatory requirements, indemnifying you from liability.

Maxxum works with a variety of companies to ensure that their medical devices have had all traces of information and data removed before downstream destruction of equipment is completed.

Maxxum is your partner in risk mitigation. We’re with you through the entire lifecycle of your computers, electronics and all technology, providing valuable support and guidance during acquisition, disposal, and during any custody change.

If cyber hackers can unearth the financial secrets of Russian President Vladimir Putin, do you really think your company is safe from the same thing?

Panama Papers: “History’s Biggest Data Leak”

News of the “Panama Papers” is filling newspapers and websites across the globe this week, in what The Guardian is calling, “History’s biggest data leak”.

Hackers have unearthed the financial secrets of some of the world’s most powerful people, detailing the secrets of how many international politicians, business leaders and celebrities have used the Panamanian law firm Mossack Fonseca, the fourth-largest offshore law firm in the world, unseemly financial transactions.

The Panama Papers are 11.5 million documents taken from the files of Mossack Fonseca by an unnamed source and turned over to a German newspaper. Information from this leaked data continues to spill out and the repercussions already include the prime minister of Iceland resigning on April 5, the president of Transparency Chile, a branch of a global anti-corruption group, stepping down on April 4, and the CEO of large Austrian bank resigning on April 7.

Others named involved in the massive data breach were the presidents of Argentina and the Ukraine, the prime minister of Pakistan, a king from Saudi Arabia, the former emir of Qatar, and Argentine soccer star Lionel Messi. A Russian cellist who’s a close confidant of Putin has also been named in the documents.

As the fallout from this massive data leak continues to reverberate literally around the world, it’s a great reminder that every company is at risk of a data breach. If the world’s richest and most powerful people can have their most confidential information hacked, cyber hackers can seemingly get anywhere they set their minds too.

Is your company safe?

While up to nearly half of all organizations experienced a data breach in the last year, a recent report by AIIM (Association for Information and Image Management) showed that a quarter of respondents felt that their senior managers did not take the risks of data privacy breaches seriously.

This report comes on the heels of a 2015 IBM survey of more than 700 C-level executives, almost three-quarters of CEOs believed that ‘rogue individuals’ as the largest threat to organizations—the truth is 80% of cyber attacks are led by highly organized crime rings.

Too many C-level leaders have their hand in the sand and move forward with an “It won’t happen to us” mentality.

Protect your company and be proactive. Your data is everywhere these days—on hard drives and paper at the office, with volumes of information on laptops that move in and out of the office, on mobile devices and cloud storage—these are all entities that need to be managed from the C-level on down.

IBM’s study revealed that almost two-thirds of C-level executives in marketing, human resources and finance departments acknowledge they are not actively engaged in cyber security strategy and execution. Cyber security is at a point now where it simply has to go beyond the IT department. Criminals are targeting any department where personally identifiable and financial information resides.

Senior managers have to commit to information security before an organization can fully adopt a culture of security. Employees will follow the example set by their managers.

The Panama Papers put another spotlight on cyber security. Even the most rich and powerful are at risk.

Maxxum has always taken our responsibilities as a secure data destruction service provider very seriously. It’s why we’re proud to be AAA NAID certified—a program that establishes standards for secure data and equipment destruction processes.

Maxxum passed a strict audit to become NAID AAA certified and has agreed to not only be recertified every year, but must pass random audits during the course of the year.

Working with an asset disposal company that is NAID AAA certified should first and foremost bring peace of mind to an organization. With data breaches and information theft making headlines far too often, it’s a HUGE relief for companies to partner with an organization like Maxxum, who will make sure they receive documented transfer of custody and indemnification from their technology assets.

Ensuring Data Security One Step Further with Downstream Data Coverage

Maxxum is now taking that piece of mind one step further for their customers as a “best practices” initiative. We’re now insured by Downstream Data Coverage, the only professional liability coverage developed specifically by NAID for data destruction services.

“Data-related service providers obtain professional liability insurance to protect themselves and to ensure they can cover their financial liabilities to their clients. When a service provider purchases an inadequate professional liability policy, they not only put themselves at risk, they also leave their customer exposed. Downstream Data Coverage seeks to make sure that doesn’t happen.”

This specialized policy addresses many of the shortcomings of standard professional liability coverage that leave service providers and their customers at risk.

Downstream Data Coverage is only available to service providers that are subject to the routine announced and unannounced audits of NAID AAA certification. This means that not only is the service protecting the customer with quality professional liability insurance, the service provider is also operating under the scrutiny of outside auditors trained specifically for that purpose.

Too many technology asset destruction service providers rely on off-the-shelf professional liability coverage because they had no other alternatives. Many times that coverage still leaves companies without the full coverage they seek.

Many customers remain at risk, because their service provider would not be able to effectively cover their liability. At Maxxum, we are proud to ensure our processes meet the high standards needed for proper technology asset disposal and data destruction; with Downstream Data Coverage, we’ve just taken it one step further.

If you’ve picked up a newspaper or watched the news on television over the last five years, you’re probably aware that identity theft is one of the fastest rising crimes in the United States. It was probably bound to happen, as more and more of our lives, including our financial transactions, are done digitally, criminals have followed close behind, and cyber crime is increasing dramatically. So you knew that, but did you know that identity theft now costs Americans nearly twice as much as property theft? In a recent report the U.S. Bureau of Justice statistics found that total losses attributed to identity theft in 2012 were $24.6 billion, compared to $13.9 billion for property theft crimes. One would imagine that those numbers are only going to rise over the next decade.

Cyber Crime – is there an End in Sight?

There are plenty of studies that show that the crime rate is falling in the U.S., but many of those studies can be construed as inaccurate, as there still isn’t a great way of measuring cyber crime. An article from last year in phys.org had the following two quotes:

“Crime reporting has to be updated for the cyber-era,” said researcher and dean of the UAlbany School of Criminal Justice Alan Lizotte. “Property crime that remains underreported because it’s online crime shapes our response to it, particularly the response of law enforcement—what’s hidden stays hidden, yet continues to be a real, growing threat.”

“Recent data breaches targeting major US retailers and, more disturbingly perhaps, health-care providers, are evidence that we’ve reached a new frontier in criminal behavior,” said UAlbany criminal justice school researcher Giza Lopes. “Crime control is far from keeping up—a deficit that spans from inadequate measurement to jurisdictional inability to deal with a problem that spills over physical and national boundaries.”

Clearly cyber crime is on the rise and the ways to keep track of it haven’t quite caught up yet. What this means for organizations however, is that it’s pretty obvious that the need for data security is more important than ever. Maxxum’s recent research study revealed that over 40 percent of companies sometimes use disposal methods outside of a professional technology disposal service—including equipment donations and giving equipment to employees.

There’s certainly nothing wrong with donating or gifting old technology, but we can’t stress enough how important it is to have that technology wiped clean of information beforehand. Simply deleting material isn’t nearly enough. Drives need to be sanitized and wiped clean to insure that your sensitive information isn’t leaving your building in your old technology assets.

Organizations should make sure they receive documented transfer of custody and indemnification from their technology asset disposal company (we’ve outlined a few other key things to expect from a technology asset disposal company for reference here).

At Maxxum, we’re committed to smart, strategic partnerships with our clients. We stay up-to-date on laws and regulations regarding data privacy and environmental responsibility. We develop and support industry best practices in compliance, remarketing, recycling and reporting.